Sniffing around

Wi-Fi makes searching other people’s data easy but not necessarily common

Sitting at a table outside Mishka’s Café, a coffeehouse in downtown Davis that offers free wireless Internet access, Tye Stallard is one of a half-dozen customers using a laptop. But while others surf the Net, Stallard’s computer eavesdrops on their data.

He’s not up to anything sinister. As a postgraduate researcher in the Department of Computer Science at the University of California, Davis, Stallard knows what is and isn’t legal, and before agreeing to an interview, he made clear he wouldn’t do anything he shouldn’t. He works in the security lab, where academics work to create safeguards for the wireless networks popping up everywhere.

After a few minutes, he scrolls through a column of green characters on a black screen. It looks like gibberish, but it’s actually network traffic recorded by a utility called a “sniffer” that captures the bits of data flying around the cafe.

“These are the packets of data that have been going by as we’ve been talking. Here, you can see somebody surfing the Web, where it says, ‘http,’” Stallard says. “Here, you can see someone looking up a domain name. They’re looking for Weatherbug.com.”

Stallard also can see how many other users (four) are logged on to the cafe’s network, which is nothing fancy. At Mishka’s, laptops with wireless cards connect to a circular white base station that looks a bit like a big smoke detector mounted on the wall. The base station is linked to an old iMac behind the counter and to the Internet beyond.

Because of the way local networks evolved, Stallard says, traffic bound for one computer passes through the others. These days, it doesn’t take a computer-security expert like Stallard to sniff packets; the program he uses, Kismet, is widely available and easy to use, and the networks are everywhere.

Stallard takes out maps that show Manhattan and San Francisco almost totally covered with little dots indicating wireless signals. It looks like a strange fungus is taking over. And of those dots, many represent unlocked doors to the Internet. Using someone else’s network, Stallard says, is so easy that it can be done accidentally.

There are dangers. Someone could pilfer passwords, maybe a credit card. A skilled user, Stallard says, could run a sniffer on a Palm Pilot, slip it into his pocket, hang out for a while capturing traffic, find a password and then get back on the network later with a directional antenna from a mile away. With that anonymity, attacks can come from anywhere.

In UC Davis’ security lab, researchers are developing ways to recognize signs of intrusion. Stallard did his thesis on creating a prototype that looks for hackers covering their tracks on a network by making themselves invisible. Researchers also are trying to find solutions to problems that won’t exist for years. One example: Someone buys a movie ticket with a cell phone, and someone else sniffs that person’s authentication code and then uses it to buy more movie tickets. “Wireless connectivity is going to become much more common, and people are using it without knowledge of its vulnerabilities,” Stallard says. And while the technology may change, he notes that the motivations of those who exploit it stay the same.

But, for most people, the ease of exploiting wireless networks doesn’t make it that likely that it would happen—the same way it may be easy to break into your house, but there aren’t necessarily a bunch of burglars inside when you get home from work.

And, ultimately, technology can’t protect against everything. “If someone can break your window and steal your laptop,” he says, “it doesn’t matter how strong your cryptography is.”